<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Pwd extends CI_Controller {
	
	function index(){
		//$user = $this->session->userdata('ych_user');
		$headers = apache_request_headers();
		$user_id = isset($headers['user_id'])? intval($headers['user_id']) : 0;
		$token = isset($headers['token'])? $headers['token'] : '';
		$token_key = 'token_'.$user_id;
		$token_val = $this->mycache->get($token_key);
		if($user_id && $token == $token_val){
			$ret['code'] = 0;
			$ret['msg'] = '';
			echo json_encode($ret);exit;
		}else{
			$ret['msg'] = '请先登录';
			$ret['code'] = 1;
			echo json_encode($ret);exit;
		}
	}
	
	function set(){
		//$user = $this->session->userdata('ych_user');
		$headers = apache_request_headers();
		$user_id = isset($headers['user_id'])? intval($headers['user_id']) : 0;
		$token = isset($headers['token'])? $headers['token'] : '';
		$token_key = 'token_'.$user_id;
		$token_val = $this->mycache->get($token_key);
		if($user_id && $token == $token_val){
			$oldPwd = $this->input->get_post('old_pwd');
			$newPwd = $this->input->get_post('new_pwd');
			$newPwd2 = $this->input->get_post('new_pwd2');
			
			if(!$oldPwd){
				$ret['msg'] = '请输入旧密码';
				$ret['code'] = 2;
				echo json_encode($ret);exit;
			}elseif (!$newPwd){
				$ret['msg'] = '新密码不能为空';
				$ret['code'] = 3;
				echo json_encode($ret);exit;
			}elseif (!isset($newPwd[5])){
				$ret['msg'] = '新密码长度不够';
				$ret['code'] = 4;
				echo json_encode($ret);exit;
			}elseif ($newPwd!=$newPwd2){
				$ret['msg'] = '新密码输入不一致';
				$ret['code'] = 5;
				echo json_encode($ret);exit;
			}else{
				//$user_id = $user['user_id'];
				$this->load->model('User_model', 'user');
				$user = $this->user->get_by_uid($user_id);
				
				if(md5(md5($oldPwd)) == $user['password']){
					$res = $this->user->update(array('password'=>md5(md5($newPwd))),array('user_id'=>$user_id));
					//uc修改密码
					/*include './config.inc.php';
					include './uc_client/client.php';
					$int = uc_user_edit($user['username'], $oldPwd, $newPwd, '');
					if($int){
						require_once './include/db_mysql.class.php';
						$db = new dbstuff;
						$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset ? $dbcharset : 'utf-8');
						$tmpRow = $db->fetch_first("SELECT * FROM ".$tablepre."members WHERE username='{$user['username']}'");
						$newUcPwd = md5(md5($newPwd).$tmpRow['salt']);
						$db->query("UPDATE ".$tablepre."members SET password='$newUcPwd' WHERE username='{$user['username']}'");
					}*/
					if ($res){
						$this->mycache->delete($token_key);
						$ret['msg'] = '操作成功';
						$ret['code'] = 0;
						echo json_encode($ret);exit;
					}else{
						$ret['msg'] = '操作失败';
						$ret['code'] = 7;
						echo json_encode($ret);exit;
					}
					
				}else{
					$ret['msg'] = '旧密码不正确';
					$ret['code'] = 6;
					echo json_encode($ret);exit;
				}
			}
			
		}else{
			$ret['msg'] = '请先登录';
			$ret['code'] = 1;
			echo json_encode($ret);exit;
		}
	}
	
}